engine Posted August 28, 2008 Author Posted August 28, 2008 (edited) Has this code been tested on a Domain Controller? It doesn't appear to work correctly.Edit:This appears to be because the _Security__LookupAccountSid and _Security__LookupAccountName functions do not return the expected values. This would be because there are no local accounts.I was hoping someone would test that and report back.I will take a look at that. There should be a way to fix that.Anyway. I was hoping it would work on domain controllers. The AutoIt documentation suggests it:Name of the system. This string can be the name of a remote computer. If this string is blank,the account name translation begins on the local system. If the name cannot be resolved on the local system,this function will try to resolve the name using domain controllers trusted by the local system. Edited August 28, 2008 by engine My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]
archrival Posted August 28, 2008 Posted August 28, 2008 I was hoping someone would test that and report back.I will take a look at that. There should be a way to fix that.Anyway. I was hoping it would work on domain controllers. The AutoIt documentation suggests it:I made a quick modification to the GetProfile() function to check for the validity of $avArray, if it's not set then I assume it's a domain controller. I didn't spend too much time on it, but the part where you are using _Security__LookupAccountName($sComputer, $sComputer) to retrieve the computer SID is the part that fails.
engine Posted August 28, 2008 Author Posted August 28, 2008 I made a quick modification to the GetProfile() function to check for the validity of $avArray, if it's not set then I assume it's a domain controller. I didn't spend too much time on it, but the part where you are using _Security__LookupAccountName($sComputer, $sComputer) to retrieve the computer SID is the part that fails.Thanks.That part can be removed if needed. The computer SID is used only to generate a temporary SID for the "Defaut User" account. I will review that as soon as possible. My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]
engine Posted August 30, 2008 Author Posted August 30, 2008 @archrivalCan you please try this -> http://technet.microsoft.com/en-us/sysinte...s/bb897417.aspxPlease use this command line:psgetsid \\ComputerNamePlease inform me of the result.Thanks. My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]
netegg Posted September 19, 2008 Posted September 19, 2008 (edited) how to delete all users' privilege about a certain key? Edited September 19, 2008 by netegg
engine Posted September 25, 2008 Author Posted September 25, 2008 Updated to address issues previously encountered on domain controllers. _SetPrivilege() function is now on a separate file. Enjoy! My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]
OldCoder Posted December 4, 2008 Posted December 4, 2008 First off, let me say that I think you've done a really nice job here. I've tried converting Visual BASIC examples of this into AUTOIT, but with extremely limited success. I did, however, try _RegSaveHive() on HKLM\SECURITY and it returned an error. Other hives under HKLM worked, like SAM and SOFTWARE...am I doing something wrong? I figured, since REG.AU3 UDFs sets privileges, it should work saving and restoring, but this is not the case. I tried playing with the privileges a bit, but can't get it to work. Using the DOS command AT, (in XP), I can bypass privileges and get to the HKLM\SECURITY hive and even save or restore it. Though this method is messy and I'd really prefer to use an API call. Again, nice work on this, and thanks for all your efforts. Hope someone can help me out here, I feel kinda stupid. Cheers, OldCoder "Intelligence is the ability to adapt to change."                                      - Stephen Hawking                                        "...not the ability to exploit others."                                                  - OldCoder
engine Posted December 22, 2009 Author Posted December 22, 2009 Updated UDF to work on latest AutoIt version 3.3.2.0 My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]
LeHuynhNam Posted January 19, 2010 Posted January 19, 2010 Can you give me some examples to use this UDF? THanks In advanced Â
AdamUL Posted January 19, 2010 Posted January 19, 2010 There is an error on line 425 in the ProfileAdd function in the HKCUReg.au3 that was updated for AutoIt 3.3.2.0. After calling _Security__LookupAccountSid there is no way to deal with an $avUser result of 0 that can be returned with no error in the updated _Security__LookupAccountSid function in Security.au3. Here is an example that throws an error when the GetProfile function calls the ProfileAdd function. #include "HKCUReg.au3" #include <Array.au3> $aResult = _HKCU_Read("Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders", "AppData") _ArrayDisplay($aResult, "AppData") This code will throw a "Subscript used with non-Array variable." error due to $avUser not being an array. This was returned by SciTE: C:\Registry UDF\HKCUReg.au3 (426) : ==> Subscript used with non-Array variable.: If $avUser[2] = 1 Then If $avUser^ ERROR If you look at the code segment for ProfileAdd. Local $avUser = _Security__LookupAccountSid($sSID) If Not @error Then If $avUser[2] = 1 Then You will notice that only @error is tested for, and does not check $avUser to see if it is a 0 or not. To test a fix for this problem, I changed line 425 from If Not @error Then to If Not @error And $avUser <> 0 Then This seem to have corrected the problem.
engine Posted January 19, 2010 Author Posted January 19, 2010 Thanks for your report. I changed to: If Not ( @error And $avUser ) Then Please test and report back. My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]
AdamUL Posted January 20, 2010 Posted January 20, 2010 Thanks you for your quick response. The statement If Not ( @error And $avUser ) Then does not solve the problem and throws the same error due to the statement executing when $avUser = 0. It should only execute when there is not an error and $avUser <> 0. Here is a simple script to see how the statement is acting: ;Testing a variable when it is a integer or an array and leaving $iError at 0. $iError = 0 $avTest = 0 If Not $iError And $avTest <> 0 Then MsgBox(0, "Test", "$aTest is an array") ;Is NOT executed due to it NOT being an array. ElseIf Not ( $iError And $avTest ) Then MsgBox(0, "Test", "$aTest is NOT an array") ;Is executed. EndIf Dim $avTest[3] = [1, 2, 3] If Not $iError And $avTest <> 0 Then MsgBox(0, "Test", "$avTest is an array") ;Is executed. ElseIf Not ( $iError And $avTest ) Then MsgBox(0, "Test", "$avTest is NOT an array") ;Is NOT executed due to it being an array. EndIf I believe that the statment that I proposed If Not @error And $avUser <> 0 Then solves the problem due to it checking that there is not an error first then checking the state of $avUser. When $avUser is an array, when it is not equal to zero, is when the statement should execute. I would also like to thank you for your work on the very nice UDF. It has helped me greatly in quite a few projects I have worked on.
Shark007 Posted January 21, 2010 Posted January 21, 2010 (edited) I'm having some difficulty understanding just how to use this udf. I have a need to modify the users registry while my application is running in administrative mode (executed using, run as administrator). Currently, when i write to HKCU, it doesnt write the information to the users HKCU, which is where I need the information to go. A small example of this specific usage would be highly appreciated. To be even more specific, From my script I use RunWait('Reg.exe import ' & @ScriptDir & '\hkcu.reg', @SystemDir, @SW_HIDE) but it is not going to the users HKCU, because of the need to run the script in administative mode to accomplish other tasks. The registry file contains over 2000 entries so I'm hoping this can still be accomplished using the reg import command. Edited January 22, 2010 by Shark007
AdamUL Posted January 22, 2010 Posted January 22, 2010 The reason that your HKCU keys do not change the information for the user that launched the script is due to the script being executed as an administrator. The registry edits are editing the administrator's profile HKCU keys. When you "run as admin", the admin user profile hive is loaded into the registry with its SID and that is all the script knows to edit. This UDF loads each profile hive found on the system into the registry and edits them and then unloads them, or it can do a specifically named profile. The function in this UDF that will do what you want to do with a REG file is _HKCU_Import. As the description in the UDF states for _HKCU_Import: "Imports a previously exported reg file to the registry". This function will only work on the local system, it will not work with remote registry. The other functions will. An example using your REG file to edit HKCU for all profiles on the system. #include "HKCUReg.au3" _HKCU_Import(@ScriptDir & '\hkcu.reg') An example using your REG file to edit HKCU only for the "TestUser" profile on the system. #include "HKCUReg.au3" _HKCU_Import(@ScriptDir & '\hkcu.reg', 'TestUser') The comment section above each function in the UDF have some really good examples on how to use each function. The examples are at the bottom of each comment section. Since your script is running as admin, you will need some way to see what the user profile name is before the script is launched under the admin account, so the script knows which hive to edit. Here is how I usually do it at the top of my scripts that need admin rights to edit the registry. $sUserNameFile = @ScriptDir & "\UserName.dat" If Not FileExists($sUserNameFile) Then FileWriteLine($sUserNameFile, @UserName) FileSetAttrib($sUserNameFile, "+H") EndIf Global $sProgramName = "Run As Admin " & StringTrimRight(@ScriptName, 4) If WinExists($sProgramName) Then Exit; To prevent the script from running itself over and over and over if the specified admin user is not found... AutoItWinSetTitle($sProgramName) ; To prevent the script from running itself over and over and over if the specified admin user is not found... Global $sAdminUser = "Admin" ;Have encrypted and decrypt here. If @UserName <> $sAdminUser And Not IsAdmin() And @Compiled Then ;Checks to see if is is running under the admin user. Global $sAdminPassword = "password" ;Have encrypted and decrypt here. RunAs($sAdminUser, @ComputerName, $sAdminPassword, 0, @AutoItExe) ;For running under local admin account. If @error Then MsgBox(16, "ERROR!", "Unable to run under administrator account.") ;If admin elevation fails. FileDelete($sUserNameFile) EndIf Exit EndIf #include "HKCUReg.au3" $sUserName = FileReadLine($sUserNameFile, 1) FileDelete($sUserNameFile) _HKCU_Import(@ScriptDir & '\hkcu.reg', $sUserName) ;Rest of the script.
Shark007 Posted January 22, 2010 Posted January 22, 2010 AdamUL, thanks for taking the time to respond and for helping me understand the usage of this UDF.
engine Posted January 23, 2010 Author Posted January 23, 2010 Thanks AdamUL for reporting and testing. And helping Shark007 !I think that:If Not @error And $avUser ThenIs equivalent to your statement. Note the parenthesis are now absent. Please test. If it works I will make it permanent.Thanks. My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]
ECHAIGNE Posted January 26, 2010 Posted January 26, 2010 Thanks AdamUL for reporting and testing. And helping Shark007 ! I think that: If Not @error And $avUser Then Is equivalent to your statement. Note the parenthesis are now absent. Please test. If it works I will make it permanent. Thanks. No, it's not work but If Not @error And $avUser <> 0 Then Or If Not @error And isarray($avUser) Then seems work ==> try this expandcollapse popupLocal $test For $i = 0 To 2 $test = Test($i) If Not @error And IsArray($test) Then ConsoleWrite("Test Array OK ==> " & $test[2] & @LF) Else ConsoleWrite("Error" & @LF) EndIf $test = Test($i) If Not @error And $test <> 0 Then ConsoleWrite("Test <> 0 OK ==> " & $test[2] & @LF) Else ConsoleWrite("Error" & @LF) EndIf $test = Test($i) If Not @error And $test Then ConsoleWrite("Test exist KO ==> " & $test[2] & @LF) Else ConsoleWrite("Error Test exist KO" & @LF) EndIf Next Exit Func Test($vSID) Local $pSID, $aAcct[3] If $vSID = 1 Then Return SetError(-1, 0, 0) If $vSID = 2 Then Return 0 Local $aAcct[3] $aAcct[0] = "Name" $aAcct[1] = "Domain" $aAcct[2] = "SNU" Return $aAcct EndFunc ;==>Test
engine Posted January 26, 2010 Author Posted January 26, 2010 Thanks ECHAIGNEI will take your word for it. I don't have time to design my own test scripts or even to test these things.The new UDF on the first post contains these modifications.Regards. My contributions:Local account UDF Registry UDFs DriverSigning UDF Windows Services UDF [url="http://www.autoitscript.com/forum/index.php?showtopic=81880"][/url]
Paider Posted February 10, 2010 Posted February 10, 2010 Did anyone of you test _HKCU_Read on a Windows 7 machine? I ran the script as LocalSystem and try to read data from Domain users registry who is logged in at that moment. But the function did not return anything for this user, even so the registry key exists for this user.
Paider Posted June 17, 2010 Posted June 17, 2010 Did anyone checked this in the meanwhile? I have no succes in running that on a Windows 7 machine.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now